GUACAMOLE-1110: Merge support for running the "guacd" Docker image as a specific service user.

This commit is contained in:
Mike Jumper 2020-07-02 22:34:35 -07:00 committed by GitHub
commit f0dee00d33
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -90,6 +90,7 @@ ENV LD_LIBRARY_PATH=${PREFIX_DIR}/lib
ENV GUACD_LOG_LEVEL=info ENV GUACD_LOG_LEVEL=info
ARG RUNTIME_DEPENDENCIES=" \ ARG RUNTIME_DEPENDENCIES=" \
netcat-openbsd \
ca-certificates \ ca-certificates \
ghostscript \ ghostscript \
fonts-liberation \ fonts-liberation \
@ -100,15 +101,25 @@ ARG RUNTIME_DEPENDENCIES=" \
COPY --from=builder ${PREFIX_DIR} ${PREFIX_DIR} COPY --from=builder ${PREFIX_DIR} ${PREFIX_DIR}
# Bring runtime environment up to date and install runtime dependencies # Bring runtime environment up to date and install runtime dependencies
RUN apt-get update && \ RUN apt-get update && \
apt-get install -y $RUNTIME_DEPENDENCIES && \ apt-get install -y --no-install-recommends $RUNTIME_DEPENDENCIES && \
apt-get install -y $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \ apt-get install -y --no-install-recommends $(cat "${PREFIX_DIR}"/DEPENDENCIES) && \
rm -rf /var/lib/apt/lists/* rm -rf /var/lib/apt/lists/*
# Link FreeRDP plugins into proper path # Link FreeRDP plugins into proper path
RUN ${PREFIX_DIR}/bin/link-freerdp-plugins.sh \ RUN ${PREFIX_DIR}/bin/link-freerdp-plugins.sh \
${PREFIX_DIR}/lib/freerdp2/libguac*.so ${PREFIX_DIR}/lib/freerdp2/libguac*.so
# Checks the operating status every 5 minutes with a timeout of 5 seconds
HEALTHCHECK --interval=5m --timeout=5s CMD nc -z 127.0.0.1 4822 || exit 1
# Create a new user guacd
ARG UID=1000
RUN useradd --system --create-home --shell /usr/sbin/nologin --uid $UID --no-user-group guacd
# Run with user guacd
USER guacd
# Expose the default listener port # Expose the default listener port
EXPOSE 4822 EXPOSE 4822